Access "Reporter notebook: SCADA security, Oracle vulnerability, SQL Slammer"
This article is part of the June 2012 issue of Five actions to prepare for today’s external security threats
Journalists accumulate piles of notebooks filled mostly with a lot of innocuous stuff. Most of it never makes it to print or online. Unless of course you have to write a column and don’t have one thing you want to write about and just want to do what’s affectionately known as a notebook dump in journalism circles. Enjoy. SCADA security: Pipelines under attack Earlier this year, I was lucky enough to get a dose of reality regarding SCADA security -- or SCADA insecurity as the case may be. At the Kaspersky Security Analyst Summit 2012, Terry McCorkle, a researcher who has a day job with a major U.S. manufacturer, talked about a project he and fellow researcher Billy Rios took on examining the reachability of Human Machine Interfaces (HMI) online. HMI translates SCADA data into a visual representation of an industrial system, essentially building a flowchart of industrial processes. McCorkle and Rios found 95 easily exploitable vulnerabilities on these Windows-based interfaces living online. Attackers exploiting these vulnerabilities could in theory flip ... Access >>>
Premium Content for Free.
Cybersecurity information sharing initiatives on the rise
by Robert Lemos, Contributor
Businesses and government agencies work to improve sharing of cyberthreat information.
Security information management systems and application monitoring
by Joel Snyder, Contributor
SIMs aren’t just for network monitoring anymore.
- Cybersecurity information sharing initiatives on the rise by Robert Lemos, Contributor
Challenges with data protection in the cloud
by Dave Shackleford
Capabilities such as encryption and DLP can be complicated in the cloud.
CISPA cybersecurity legislation wins industry support
by Robert Westervelt, News Director
Legislation designed to provide the federal government with threat data from the private sector gains steam.
- Challenges with data protection in the cloud by Dave Shackleford
Reporter notebook: SCADA security, Oracle vulnerability, SQL Slammer
by Michael S. Mimoso, Editorial Director
Reflections on the ICS CERT alert, Oracle’s handling of a zero-day and more.
Marcus Ranum chat: Software development practices and security
by Marcus Ranum, Contributor
Security expert Marcus Ranum talks with Brian Chess, formerly of HP, about coding practices and security.
Information security threats: Building risk resilience
by Steve Durbin, Contributor
Enterprises need an agile risk management strategy to deal with today’s evolving threats.
- Reporter notebook: SCADA security, Oracle vulnerability, SQL Slammer by Michael S. Mimoso, Editorial Director
More Premium Content Accessible For Free
Cloud and mobility in the enterprise has caused a heightened need for organizations to take a closer look at next generation authentication ...
Virtualization and cloud computing are part and parcel of enterprise networks today. Virtualization security, however, is still a bolt-on affair ...
Mobile device security is one of the biggest nightmares InfoSec pros face in the era of bring your own everything (BYOE). Simply banning employees ...